SY0-601 exam

A security analyst has received an alert about being sent via email. The analyst’s Chief information Security Officer (CISO) has made it clear that PII must be handle with extreme care From which of the following did the alert MOST likely originate?A . S/MIMEB . DLPC . IMAPD . HIDSView...

A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log: Which of the following can the security analyst conclude?A . A replay attack is being...

Which of the following will MOST likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)A . Cross-site scriptingB . Data exfiltrationC . Poor system loggingD ....

Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)A . Unsecure protocolsB . Use of penetration-testing utilitiesC . Weak passwordsD . Included third-party librariesE . Vendors/supply chainF . Outdated anti-malware softwareView AnswerAnswer: D,E

Which of the following BEST explains the difference between a data owner and a data custodian?A . The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the dataB . The data owner is...

Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?A . Least privilegeB . Awareness trainingC . Separation of dutiesD . Mandatory vacationView AnswerAnswer: C Explanation: Separation of duties - is a means of establishing checks and balances...

The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers . Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?A...

Joe, a user at a company, clicked an email link led to a website that infected his workstation. Joe, was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and It has continues to evade detection . Which of...

An organization has implemented a policy requiring the use of conductive metal lockboxes for personal electronic devices outside of a secure research lab . Which of the following did the organization determine to be the GREATEST risk to intellectual property when creating this policy?A . The theft of portable electronic...

A global pandemic is forcing a private organization to close some business units and reduce staffing at others . Which of the following would be BEST to help the organization’s executives determine the next course of action?A . An incident response planB . A communications planC . A disaster recovery...